Security vulnerabilities in MediaTek chips are expected to allow eavesdropping on Android smartphone users. According to Check Point Research, the vulnerability also allows hackers to hide malicious code.
Check Point Research reports that the problem affects as much as 37 percent of all devices in the world. Importantly, the above-mentioned vulnerabilities occur mainly in smartphones from Xiaomi, Oppo, Realme and Vivo.
Chip reverse engineering
Engineers from Check Point Research decided to look at the chips produced by the Taiwanese company MediaTek. As they noted, the company’s integrated circuits include a special AI processing unit and a digital audio signal processor. Thanks to them, it is possible to improve multimedia performance and reduce CPU consumption.
However, experts were curious to what extent non-standard units can be used by cybercriminals to attack a smartphone. Therefore, specialists performed a series of studies that led to the discovery of a chain of vulnerabilities. The vulnerabilities can be used to eavesdrop on Android users’ conversations.
But this is not the end. Check Point Research points out that these vulnerabilities could potentially have been exploited by the device manufacturers themselves. In this way, it would be possible to create a massive eavesdropping campaign. However, specialists emphasize that they have not been able to find concrete evidence of this type of abuse.